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REMARKS 

Claims 1-50 are pending, in which no claims are amended, canceled, withdrawn, or newly 
presented. 

The final Office Action mailed November 18, 2004 rejected claims 1-5, 15, 17, 21-22, 
26-30, 39, 41, and 45-46 under 35 U.S.C. § 103(a) as obvious over Amara et al (U.S. 6,674,743) 
in view of Bhattacharya et al (U.S. 6,587,466), claims 6-10, 12-14, 16, 18, 23-25, 31-35, 37-38, 
40, 42, and 47-50 under 35 U.S.C. § 103(a) as obvious over Amara et al. in view of 
Bhattacharya et al and further in view of Gai et ah (U.S. 6,167,445), claims 19 and 43 under 35 
U.S.C. § 103(a) as obvious over Amara et al in view of Bhattacharya et al and further in view 
of Gibson et al (U.S. 6,680,943), claims 20 and 44 under 35 U.S.C. § 103(a) as obvious over 
Amara et al in view of Bhattacharya et al and further in view of Jorgensen (U.S. 6,452,915), 
and claims 11 and 36 under 35 U.S.C. § 103(a) as obvious over Amara et al, Bhattacharya et al, 
and Gai et al and further in view of Natarajan et al (U.S. 6,505,244). 

The rejection of claims 1-50 is respectfully traversed because the references at least do 
not disclose "passes identified messages via a message interface to an external processor 
included in said network access system for implementation of the policy-based services by the 
external processor" as recited by independent claim 1, "passing identified messages to an 
external processor included in the network access system for implementation of the policy-based 
services by the external processor" as recited by independent claim 26, or "a message interface 
coupled to an external processor that is configured to implement policy-based services" and 
"the second packet header filter identifies messages, received from the second network 
interface, on which policy-based services are to be implemented, wherein the second packet 
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header filter passes the identified messages to the external processor via the message interface" 
as recited by independent claim 50. 

Amara et al is directed to applying policies in packet forwarding devices, such as routers 
and remote access servers. (Col. 1: 9-11) Amara et al (per col. 2: 58-67) recognizes a problem 
with certain systems of a high overhead associated with applying policies to all incoming and 
outgoing packets, increasing the latency of each packet, and disadvantageously requiring time 
and effort to develop and manage policies for each interface. Amara et al (per col. 3: 2-11) 
includes an internal application that generates internally-generated packets. A policy is applied 
to the internally-generated packets, and the packets are then forwarded to a first interface. 
External packets are received at a second interface, and the external packets are forwarded to the 
first interface without applying the policy to them. 

Additionally, at col. 6: 9-25, Amara et al states: 

Policy engine 232 applies a policy to the internal packets, i.e., the 
internally-generated packets generated by internal applications 230 and the 
internally-destined packets used by internal applications 230. Policy engines 224- 
228 apply policies to the external packets forwarded by packet classifiers 214-218, 
respectively. Policy engines 224-228 typically also apply policies to the external 
packets forwarded by packet forwarder 222. 

In this way, device 200 applies policies to the internal packets and to the 
external packets. In general, the policies applied to the internal and external 
packets may differ. The approach used in device 200 may not realize the 
efficiency advantage afforded by the approach used in device 100. However, by 
applying policies to internal packets using policy engine 232, regardless of which 
of interfaces 202-206 may transmit or receive the packet, the task of policy 
management is greatly simplified. 

Regarding claims 1 and 26, the Office Action (pp. 2-3) correctly acknowledges that 
Amara et al "does not explicitly indicate that said packet header filter identifies messages 
received at to [sic] one of the first and second network interfaces on which policy-based services 
are to be implemented and passes identified messages via a message interface to an external 
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processor included in said network access system for implementation of the policy-based services 
by the external, \sic] wherein said packet header filter passes all other received messages through 
the packet header filter to another processor " and then relies on Bhattacharya et al for these 
features. 

As best understood, the Office Action (p. 3), citing col. 5: 50-60 and col. 12: 8-14 of 
Bhattacharya et ah, equates the recited "programmable access device" with the Policy 
Enforcement Entity 240 of Bhattacharya et al and equates the recited "external processor" with 
the Combined Policy Matching Engine 220, and then contends that Bhattacharya et al discloses 
"messages received on which policy-based services are to be implemented and passes identified 
messages via a message interface to an external processor included in said network access system 
for implementation of the policy-based services by the external (Column 6, lines 44-50), \sic\ 
wherein said packet header filter passes all other received messages through the packet header 
filter to another processor (Column 6, lines 50-56) ." 

However, at col. 12: 8-14, Bhattacharya et al states: 

Alternatively, the Combined Policy-matching Engine may be located in an 
external policy server and policy decisions may be outsourced to this device, 
while the service specific modules are located at the Policy Enforcement 
Entity such as the router or firewall. In such an architecture, the policy server 
functions as a single policy decision point serving a number of different network 
devices. 



At col. 6: 13-23, Bhattacharya et al states: 

In this architecture, the Policy Enforcement Entity 240 obtains all actions that are 
applicable for a packet by querying the Combined Policy-matching Engine 220. 
The decisions returned by the Combined Policy-matching Engine 220 determine 
the actual treatment that a packet receives within the Policy Enforcement 
Entity 240. It may also influence the order in which the service specific modules, 
such as Security Enforcement Module 280 and QOS Enforcement Module 290, 
process the entering packets 240 before they leave the device in a possibly 
conditioned or transformed state 245. 
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Further, the decisions 270 returned by the Combined Policy-matching Engine 220 of 
Bhattacharya et al depend on the "set of values for Selectors 260 which are defined as the 
attributes associated with an incoming packet that are necessary for packet classification. Policy 
Enforcement Entity 240 provides these values as inputs in the query using the Combined 
Policy-matching Engine Interface 250." (Col. 6: 24-33) 

Thus, any "implementation of the policy-based services" is, at best, performed by the 
Policy Enforcement Entity 240, and is not performed by the Combined Policy-matching Engine 
220. Furthermore, there are no received "messages" that are identified as "messages on which 
policy-based services are to be implemented" and which are passed to the Combined Policy- 
matching Engine 220 by any "packet header filter," as Bhattacharya et a/.'s Policy Enforcement 
Entity 240 (per FIG. 2) sends queries with selectors or CPE state updates 260 to the Combined 
Policy-matching Engine 220 to receive a decision 270 in response. Therefore, "implementation 
of the policy-based services by the external processor" as recited by independent claims 1 and 
26 is not suggested or disclosed by Bhattacharya et al, singly nor in any reasonable 
combination with Amara et al Therefore, the rejection of claims 1 and 26 should be withdrawn. 

The rejection of dependent claims 2-5, 15, 17, 21-22, 27-30, 39, 41, and 45-46 should be 
withdrawn for at least the same reasons as their respective independent claims, and these claims 
are separately patentable on their own merits. 

Regarding the rejection of independent claim 50, the recited features are neither 

suggested nor disclosed by any reasonable combination of Amara et al, Bhattacharya et al, and 

Gai et al, and the Office Action fails to explain how the recited features are suggested or 

disclosed by these references. For example, the Office Action (p. 9) states, "Amara also does not 

explicitly indicate that the policer comprises a marker that marks packets that do not conform 

with the traffic parameters. Gai teaches a method of identifying packets which do not conform 
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with the traffic parameters and a way to mark those packets (Column 20, lines 2-9; Column 4, 
line 64 - Column 5, line 8) and discarding those packets (Column 20, lines 2-9)." 

Applicants respectfully submit that the Office Action does not track the recited language 
of claim 50, for example, with regard to the "policer" and the "marker," for which claim 50 
recites, "a policer configured to discard packets determined as nonconforming to a first traffic 
parameter," "a marker configured to discard packets determined as nonconforming to a second 
traffic parameter," "a message interface coupled to an external processor that is configured to 
implement policy-based services" and "the second packet header filter identifies messages, 
received from the second network interface, on which policy-based services are to be 
implemented, wherein the second packet header filter passes the identified messages to the 
external processor via the message interface and passes all other messages received from 
the second network interface to the marker," and the Office Action does not explain how 
these features are met by the references. However, for reasons similar to those discussed 
previously, Applicants respectfully submit that these features are not suggested or disclosed by 
Amara et al. and Bhattacharya et ah, and the addition of Gai et al. does not fill in the gaps. 
Therefore, the rejection of claim 50 should be withdrawn. 

Further, with regard to the rejections of the remaining dependent claims, Applicants 

respectfully submit that the deficiencies of Amara et al. and Bhattacharya et ah are not cured by 

the secondary references of Gai et ah, Gibson et al, Jorgensen and Natarajan et al. Gai et al. is 

cited for a supposed teaching of a way to identify and mark packets that do not conform with 

traffic parameters, as teaching monitoring traffic entering a device, issuing thresholds for priority 

queuing and traffic classes, a plurality of output buffers, a scheduler, the use of user priority, and 

a reporting interface. Gibson et al is cited as supposedly teaching the use of Session Initiation 

Protocol (SIP) messages. Jorgensen is cited as teaching the use of Internet Group Multicast 
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Protocol messages, and Natarajan et al. is cited as teaching the use of a fault monitor. Thus, 
Applicants respectfully request withdrawal of the rejection with respect to dependent claims 6- 
14, 16, 18-20, 23-25, 31-38, 40, 42-44, and 47-49. 

Therefore, the present application overcomes the objections and rejections of record and 
is in condition for allowance. Favorable consideration is respectfully requested. If any 
unresolved issues remain, it is respectfully requested that the Examiner telephone the 
undersigned attorney at (703) 425-8508 so that such issues may be resolved as expeditiously as 
possible. 

Respectfully Submitted, 
DITTHAVONG & CARLSON, P.C. 




Reg. No. 41,946 

Phouphanomketh Ditthavong 
Reg. No. 44,658 

Attorney/Agent for Applicant(s) 



10507 Braddock Road 
Suite A 

Fairfax, VA 22032 
Tel. (703) 425-8508 
Fax. (703) 425-8518 
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